How to create a classless reverse subnet /21 zone? Win2008R2 SP0/Gold version

    Question

  • DNS+AD Win2008 R2

    I'm trying to create a classless reverse subnet zone for 10.0.64/21. If I create it using the GUI or DNSCMD /ZoneAdd, the zone is created with its NS and SOA records, but I can't add records.

    DNSCMD /EnumZones also shows the newly created zone, primary or dsprimary, no problem here, but I can't add new records.

    When I use DNSCMD I can create records in that zone (/RecordAdd), but I can't list them with /EnumRecords.

    What is the proper name of the zone? (I've tested both)

    64-21.0.10.in-addr.arpa? 64-71.0.10.in-addr.arpa?

    There is no delegation because it is an internal zone, and I'd prefer to create a classless reverse subnet /21 zone instead of several /24 reverse zones.


    Thursday, April 07, 2011 7:35 PM

Answers

  • I'm waiting, but I think I solved it:

    1) Create the classless reverse zone 64-21.0.10.in-addr.arpa with DNSCMD as Primary (not AD integrated)

    2) Populate the zone with a record

    3) Convert to AD integrated (I used the GUI)

    4) Slowly, the records from my DCs are being created automatically (probably by the netlogon service)

    I'll wait a little bit more to make sure the solution is OK


    • Marked as answer by Tiger Li Monday, April 11, 2011 7:30 AM
    Thursday, April 07, 2011 8:17 PM
  • Here's a procedure that I helped someone, literally by remoting in their machine, to create a classless reverse zone delegation. You can adapt it to what you're trying to do.

    ==================================================================
    DNS Delegation - Add a Delegated Reverse Zone from ISP

    As discussed in:

    Thread title: "Reverse DNS smaller than /24 (v4)"
    http://social.technet.microsoft.com/Forums/en-US/winserverNIS/thread/4147e8fe-43d8-4eff-a890-a0e1e31a96ea/#bd664835-05b3-4d53-9b08-d845b177d9d2

    Creating a subnetted reverse zone:

    ====
    The key thing is setting the NS records in your zone file to the nameserver that is authoritative for the zone based on ARIN and removing all iterations of your own nameserver.

    Follow the syntax to create the subnetted, delegated zone by using the syntax for "Child subnetted reverse lookup zone file" in the following article.
    Keep in mind, this MUST be done using a Primary zone, so if it's an AD Integrated zone, you must revert it to a Primary zone so you can work on the zone files. Once you're done you can change it back to AD Integrated, if you so desire.

    How to configure a subnetted reverse lookup zone on Windows NT, Windows 2000, or Windows Server 2003
    http://support.microsoft.com/kb/174419

    Ask the ISP to delegate the subnetted zone to your nameserver
    First create the 168_29.159.164.185.in-addr.arpa.dns zone
    Then go into the file and change all NS iterations from your server to ns.ISP'sauthorativeServer.com.
    Save the file
    Then go into DNS, right click NS, choose restart.
    Then right-click the zone, choose Reload
    Then right-click the zone, properties, Nameserver tab, remove your own server as an NS record, only keeping the authoritative server.
    Create a PTR such as 171 under the zone, and call it whatever you want, such as ace.domain.com
    Run nslookup or DIG to test a query to 185.164.159.171 using an external public nameserver.
    If it doesn't work, go through the above steps again. Follow the syntax EXACTLY.
    If it does work, pour yourself a cold one.
    ====

     

    Ace


    Ace Fekay
    MVP, MCT, MCITP EA, MCTS Windows 2008 & Exchange 2007 & Exchange 2010, Exchange 2010 Enterprise Administrator, MCSE & MCSA 2003/2000, MCSA Messaging 2003
    Microsoft Certified Trainer
    Microsoft MVP - Directory Services

    This posting is provided AS-IS with no warranties or guarantees and confers no rights.

    • Marked as answer by Tiger Li Monday, April 11, 2011 7:30 AM
    Friday, April 08, 2011 5:50 AM
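
Added example, not part of the original posts: for the address blocks named in this thread it computes the owner name a resolver queries for a PTR lookup, the octet-aligned zones that hold those names directly, and the CNAME records a parent zone would need for queries to reach a classless zone named as in the posts. The function names are hypothetical; the zone names and addresses are the ones quoted above, and only the Python standard library is used.

```python
import ipaddress

def ptr_name(ip):
    """Owner name a resolver queries for the PTR record of `ip`."""
    return ipaddress.ip_address(str(ip)).reverse_pointer

def covering_zones(cidr):
    """Octet-aligned reverse zones that hold every PTR name in `cidr` directly."""
    net = ipaddress.ip_network(cidr)
    if net.prefixlen > 24:
        raise ValueError("longer than /24: the block shares its /24 zone; see classless_cnames()")
    boundary = max(8, -(-net.prefixlen // 8) * 8)  # round up to /8, /16 or /24
    zones = []
    for sub in net.subnets(new_prefix=boundary):
        octets = str(sub.network_address).split(".")[: boundary // 8]
        zones.append(".".join(reversed(octets)) + ".in-addr.arpa")
    return zones

def answers_directly(ip, zone):
    """True if the PTR query name for `ip` falls inside `zone` with no alias."""
    return ptr_name(ip).endswith("." + zone)

def classless_cnames(cidr, zone):
    """CNAMEs the parent zone needs so PTR queries reach the classless `zone`."""
    parent = zone.split(".", 1)[1]  # e.g. 0.10.in-addr.arpa
    aliases = {}
    for ip in ipaddress.ip_network(cidr):
        owner = ptr_name(ip)
        if not owner.endswith("." + parent):
            raise ValueError(f"{ip} is outside the parent zone {parent}")
        relative = owner[: -len(parent) - 1]  # host labels, e.g. 66.66
        aliases[owner] = f"{relative}.{zone}"
    return aliases

if __name__ == "__main__":
    # Zone names and addresses below are the ones quoted in the thread.
    print(ptr_name("10.0.66.66"))
    print(answers_directly("10.0.66.66", "64-21.0.10.in-addr.arpa"))
    print(covering_zones("10.0.64.0/21"))
    isp = classless_cnames("185.164.159.168/29", "168_29.159.164.185.in-addr.arpa")
    print(isp["171.159.164.185.in-addr.arpa"])
    internal = classless_cnames("10.0.64.0/21", "64-21.0.10.in-addr.arpa")
    print(len(internal), internal["66.66.0.10.in-addr.arpa"])
```

The /21 block maps onto eight /24 zones with no aliases, while the single classless zone needs one CNAME per address in the parent zone.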

All replies

  • DNS+AD Win2008 R2

    C:\Windows\system32>dnscmd /zoneadd 64-21.0.10.in-addr.arpa /Primary
    DNS Server . created zone 64-21.0.10.in-addr.arpa:

    Command completed successfully.

    C:\Windows\system32>dnscmd /EnumZones
    64-21.0.10.in-addr.arpa        Primary    File            Rev

    C:\Windows\system32>dnscmd /Enumrecords 64-21.0.10.in-addr.arpa

    Command failed:  ERROR_INVALID_PARAMETER     87    0x57

    Check the required arguments and format of your command.

    Add PTR Record for 66.66.64-21.0.10.in-addr.arpa at 64-21.0.10.in-addr.arpa
    Command completed successfully.

     

    I used the following article:

    http://cohesivelogic.com/2009/11/how-to-create-ptr-entries-for-a-classless-reverse-dns-zone-on-windows-2008/

     

    But no luck!

     

     

    Thursday, April 07, 2011 7:43 PM